Prevent sending emails and notifications to inactive users #2384
Conversation
models/issue_mail.go
Outdated
| if err != nil { | ||
| return fmt.Errorf("GetUserByID [%d]: %v", issue.PosterID, err) | ||
| } | ||
| if issue.PosterID != doer.ID && poster.IsActive == true { |
There was a problem hiding this comment.
Do not check booleans with == do just simple && poster.IsActive {. Should there be also check for && !poster.ProhibitLogin?
There was a problem hiding this comment.
Yes you are right. Will fix that.
models/migrations/v39.go
Outdated
| ) | ||
|
|
||
| func addDefaultValueToUserProhibitLogin(x *xorm.Engine) (err error) { | ||
| // Update user |
There was a problem hiding this comment.
Do not load data in go code. Just update with condition where prohibid_login is null
There was a problem hiding this comment.
I tried but there was an issue with one database.
Was complaining about not finding anything while updating because I had no user with nullin database.
There was a problem hiding this comment.
I tested it again with your proposed change.
It is working now, maybe I had a problem somewhere else ;-)
models/user.go
Outdated
| @@ -111,7 +111,7 @@ type User struct { | |||
| AllowGitHook bool | |||
| AllowImportLocal bool // Allow migrate repository by local path | |||
| AllowCreateOrganization bool `xorm:"DEFAULT true"` | |||
| ProhibitLogin bool | |||
| ProhibitLogin bool `xorm:"DEFAULT false"` | |||
| return watches, e.Find(&watches, &Watch{RepoID: repoID}) | ||
| return watches, e.Where("`watch`.repo_id=?", repoID). | ||
| And("`user`.is_active=?", true). | ||
| And("`user`.prohibit_login=?", false). |
There was a problem hiding this comment.
I don't think user who is prohibit_login will be moved from watchers UI.
There was a problem hiding this comment.
The method is also used in
Line 104 in f61a1d2
Perhaps I should add a second method or a parameter to add restriction conditionally?
There was a problem hiding this comment.
Yes, add additional parameter to function to know in to return all as it was or just active ones
There was a problem hiding this comment.
@lunny @lafriks I figured out that the view isn't using this method anyways. The view is using the method from here https://github.com/daviian/gitea/blob/e3f679f39da7985193cec28a7c21fbc16ab2310d/models/repo_watch.go#L67
The method in question is only used by notification and mail
models/issue.go
Outdated
| And("`comment`.type = ?", CommentTypeComment). | ||
| And("`user`.is_active = ?", true). | ||
| And("`user`.prohibit_login = ?", false). | ||
| Join("LEFT", "user", "`user`.id = `comment`.poster_id"). |
There was a problem hiding this comment.
I'm not sure why we're doing a left join here. If the goal is to include comments that don't have a "valid" poster (e.g. deleted user), I don't think this will work; for those comments the user.is_active column will be NULL, and the user.is_active = true condition won't hold. And if we don't want to include such comments, why not just do an inner join?
Ditto elsewhere
There was a problem hiding this comment.
@ethantkoenig good point, I also think it should be changed to INNER join
|
I will implement the requested changes this week, in the best case this evening. |
tboerger
added
the
lgtm/need 2
daviian
force-pushed
the
inactive-user-receive-mail-fix
branch
from
e3f679f
to
4c0d946
Compare
|
@daviian have you fixed all points? |
|
@lunny I have changed the joins to |
|
LGTM |
tboerger
added
lgtm/need 1
models/issue.go
Outdated
| @@ -1209,7 +1209,10 @@ func GetParticipantsByIssueID(issueID int64) ([]*User, error) { | |||
| userIDs := make([]int64, 0, 5) | |||
| if err := x.Table("comment").Cols("poster_id"). | |||
| Where("issue_id = ?", issueID). | |||
There was a problem hiding this comment.
shouldn't this really be?
Where("`comment`.issue_id = ?", issue).There was a problem hiding this comment.
Since issue_id is a unique attribute in this join it is valid sql, but I can add it for the sake of clarity.
models/issue_watch.go
Outdated
| @@ -91,6 +91,9 @@ func GetIssueWatchers(issueID int64) ([]*IssueWatch, error) { | |||
| func getIssueWatchers(e Engine, issueID int64) (watches []*IssueWatch, err error) { | |||
| err = e. | |||
| Where("issue_id = ?", issueID). | |||
There was a problem hiding this comment.
Same here, should have watch.issue_id
There was a problem hiding this comment.
As mentioned in the other comment, I can add it for the sake of clarity, but it wouldn't be necessary.
daviian
force-pushed
the
inactive-user-receive-mail-fix
branch
2 times, most recently
from
c00221a
to
4f36800
Compare
models/migrations/v40.go
Outdated
| _, err = x.Exec("ALTER TABLE \"user\" ALTER COLUMN `prohibit_login` SET NOT NULL, ALTER COLUMN `prohibit_login` SET DEFAULT false") | ||
| case "mssql": | ||
| // xorm already set DEFAULT 0 for data type BIT in mssql | ||
| _, err = x.Exec("ALTER TABLE [user] ALTER COLUMN \"prohibit_login\" BIT NOT NULL") |
There was a problem hiding this comment.
_, err = x.Exec(`ALTER TABLE [user] ALTER COLUMN "prohibit_login" BIT NOT NULL`)There was a problem hiding this comment.
No you can't :P I think bkcsoft asked that just for readability to not have to use backslashes
There was a problem hiding this comment.
So it should be changed in the other statements too?
There was a problem hiding this comment.
I would say no, because the other statements contain backticks
daviian
force-pushed
the
inactive-user-receive-mail-fix
branch
2 times, most recently
from
acc426a
to
ced11bd
Compare
Codecov Report
@@ Coverage Diff @@
## master #2384 +/- ##
==========================================
- Coverage 27.7% 27.59% -0.12%
==========================================
Files 83 83
Lines 16914 16928 +14
==========================================
- Hits 4686 4671 -15
- Misses 11553 11581 +28
- Partials 675 676 +1
Continue to review full report at Codecov.
|
|
@bkcsoft need your approval |
…ications Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
daviian
force-pushed
the
inactive-user-receive-mail-fix
branch
from
f0092d9
to
fdc0f6c
Compare
|
Rebased with current master |
| if err != nil { | ||
| return fmt.Errorf("GetUserByID [%d]: %v", issue.PosterID, err) | ||
| } | ||
| if issue.PosterID != doer.ID && poster.IsActive && !poster.ProhibitLogin { |
There was a problem hiding this comment.
missing testing in this patch?.
|
LGTM |
tboerger
added
lgtm/done
Targets #2034
Added checks if user is inactive (
is_active = falseorprohibit_login = true) before creating notifications and sending mails.Furthermore I added
NOT NULL DEFAULT falsetoprohibit_loginfield.Changed unit tests accordingly and added a migration, which I tested for mssql, mysql and postgresql.